<script type="text/javascript">
	function viewOrders(url){
		window.location = url;
	}
	
	function delOrders(url){
		window.location = url;
	}
</script>
<?php
	@$code = $_GET['code'];
	@$act = $_GET['act'];
	if($code != '' && $act == 'del')
	{
		$esc_arr = $exec_mysql->escape_string(array($code));
		$query = sprintf("delete from orders where code = '%s'", $esc_arr[0]);
		$exec_mysql->execute($query, 0);
	}
?>
<table class="table-list" width="90%">
	<tr class="table-header"><td>STT</td><td>Tên khách hàng</td><td>Email</td><td>SĐT</td><td>Địa chỉ</td><td>Ngày đặt hàng</td><td>Xóa</td></tr>
    <?php
    	$result = $exec_mysql->execute("select code, full_name, email, phone, address, view, orders_date from orders order by orders_date desc", 0);
		$no = 0;
		
		while($row = mysql_fetch_array($result))
		{
			$code = $row['code'];
			$no++;
			if($row['view'] == 0)
				echo '<tr style="font-weight:bold; cursor:pointer" >';
			else
				echo '<tr style="cursor:pointer">';
			echo '<td align="center" onclick="viewOrders(\'admin_master_page.php?cmd=5.1&code='.$code.'\')">'.$no.'</td>';
			echo '<td onclick="viewOrders(\'admin_master_page.php?cmd=5.1&code='.$code.'\')">'.$row['full_name'].'</td>';
			echo '<td onclick="viewOrders(\'admin_master_page.php?cmd=5.1&code='.$code.'\')">'.$row['email'].'</td>';
			echo '<td onclick="viewOrders(\'admin_master_page.php?cmd=5.1&code='.$code.'\')">'.$row['phone'].'</td>';
			echo '<td onclick="viewOrders(\'admin_master_page.php?cmd=5.1&code='.$code.'\')">'.$row['address'].'</td>';
			echo '<td onclick="viewOrders(\'admin_master_page.php?cmd=5.1&code='.$code.'\')">'.$row['orders_date'].'</td>';
			echo '<td align="center"><a href="javascript:void()"><img src="img/ico_delete.png" title="Xóa" onclick="showConfirm(\'Xác nhận\', \'Bạn có chắc muốn xóa đơn đặt hàng này không?\', \'delOrders([admin_master_page.php?cmd=5&code='.$row['code'].'&act=del])\')" /></a></td>';
			echo '</tr>';
		}
	?>
</table>
